1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * Fprobe-based tracing events
4 * Copyright (C) 2022 Google LLC.
5 */
6 #define pr_fmt(fmt) "trace_fprobe: " fmt
7
8 #include <linux/fprobe.h>
9 #include <linux/list.h>
10 #include <linux/module.h>
11 #include <linux/mutex.h>
12 #include <linux/rculist.h>
13 #include <linux/security.h>
14 #include <linux/tracepoint.h>
15 #include <linux/uaccess.h>
16
17 #include <asm/ptrace.h>
18
19 #include "trace_dynevent.h"
20 #include "trace_probe.h"
21 #include "trace_probe_kernel.h"
22 #include "trace_probe_tmpl.h"
23
24 #define FPROBE_EVENT_SYSTEM "fprobes"
25 #define TRACEPOINT_EVENT_SYSTEM "tracepoints"
26 #define RETHOOK_MAXACTIVE_MAX 4096
27
28 static int trace_fprobe_create(const char *raw_command);
29 static int trace_fprobe_show(struct seq_file *m, struct dyn_event *ev);
30 static int trace_fprobe_release(struct dyn_event *ev);
31 static bool trace_fprobe_is_busy(struct dyn_event *ev);
32 static bool trace_fprobe_match(const char *system, const char *event,
33 int argc, const char **argv, struct dyn_event *ev);
34
35 static struct dyn_event_operations trace_fprobe_ops = {
36 .create = trace_fprobe_create,
37 .show = trace_fprobe_show,
38 .is_busy = trace_fprobe_is_busy,
39 .free = trace_fprobe_release,
40 .match = trace_fprobe_match,
41 };
42
43 /* List of tracepoint_user */
44 static LIST_HEAD(tracepoint_user_list);
45 static DEFINE_MUTEX(tracepoint_user_mutex);
46
47 /* While living tracepoint_user, @tpoint can be NULL and @refcount != 0. */
48 struct tracepoint_user {
49 struct list_head list;
50 const char *name;
51 struct tracepoint *tpoint;
52 unsigned int refcount;
53 };
54
55 /* NOTE: you must lock tracepoint_user_mutex. */
56 #define for_each_tracepoint_user(tuser) \
57 list_for_each_entry(tuser, &tracepoint_user_list, list)
58
tracepoint_user_register(struct tracepoint_user * tuser)59 static int tracepoint_user_register(struct tracepoint_user *tuser)
60 {
61 struct tracepoint *tpoint = tuser->tpoint;
62
63 if (!tpoint)
64 return 0;
65
66 return tracepoint_probe_register_prio_may_exist(tpoint,
67 tpoint->probestub, NULL, 0);
68 }
69
tracepoint_user_unregister(struct tracepoint_user * tuser)70 static void tracepoint_user_unregister(struct tracepoint_user *tuser)
71 {
72 if (!tuser->tpoint)
73 return;
74
75 WARN_ON_ONCE(tracepoint_probe_unregister(tuser->tpoint, tuser->tpoint->probestub, NULL));
76 tuser->tpoint = NULL;
77 }
78
tracepoint_user_ip(struct tracepoint_user * tuser)79 static unsigned long tracepoint_user_ip(struct tracepoint_user *tuser)
80 {
81 if (!tuser->tpoint)
82 return 0UL;
83
84 return (unsigned long)tuser->tpoint->probestub;
85 }
86
__tracepoint_user_free(struct tracepoint_user * tuser)87 static void __tracepoint_user_free(struct tracepoint_user *tuser)
88 {
89 if (!tuser)
90 return;
91 kfree(tuser->name);
92 kfree(tuser);
93 }
94
DEFINE_FREE(tuser_free,struct tracepoint_user *,__tracepoint_user_free (_T))95 DEFINE_FREE(tuser_free, struct tracepoint_user *, __tracepoint_user_free(_T))
96
97 static struct tracepoint_user *__tracepoint_user_init(const char *name, struct tracepoint *tpoint)
98 {
99 struct tracepoint_user *tuser __free(tuser_free) = NULL;
100 int ret;
101
102 tuser = kzalloc(sizeof(*tuser), GFP_KERNEL);
103 if (!tuser)
104 return NULL;
105 tuser->name = kstrdup(name, GFP_KERNEL);
106 if (!tuser->name)
107 return NULL;
108
109 if (tpoint) {
110 ret = tracepoint_user_register(tuser);
111 if (ret)
112 return ERR_PTR(ret);
113 }
114
115 tuser->tpoint = tpoint;
116 tuser->refcount = 1;
117 INIT_LIST_HEAD(&tuser->list);
118 list_add(&tuser->list, &tracepoint_user_list);
119
120 return_ptr(tuser);
121 }
122
123 static struct tracepoint *find_tracepoint(const char *tp_name,
124 struct module **tp_mod);
125
126 /*
127 * Get tracepoint_user if exist, or allocate new one and register it.
128 * If tracepoint is on a module, get its refcounter too.
129 * This returns errno or NULL (not loaded yet) or tracepoint_user.
130 */
tracepoint_user_find_get(const char * name,struct module ** pmod)131 static struct tracepoint_user *tracepoint_user_find_get(const char *name, struct module **pmod)
132 {
133 struct module *mod __free(module_put) = NULL;
134 struct tracepoint_user *tuser;
135 struct tracepoint *tpoint;
136
137 if (!name || !pmod)
138 return ERR_PTR(-EINVAL);
139
140 /* Get and lock the module which has tracepoint. */
141 tpoint = find_tracepoint(name, &mod);
142
143 guard(mutex)(&tracepoint_user_mutex);
144 /* Search existing tracepoint_user */
145 for_each_tracepoint_user(tuser) {
146 if (!strcmp(tuser->name, name)) {
147 tuser->refcount++;
148 *pmod = no_free_ptr(mod);
149 return tuser;
150 }
151 }
152
153 /* The corresponding tracepoint_user is not found. */
154 tuser = __tracepoint_user_init(name, tpoint);
155 if (!IS_ERR_OR_NULL(tuser))
156 *pmod = no_free_ptr(mod);
157
158 return tuser;
159 }
160
tracepoint_user_put(struct tracepoint_user * tuser)161 static void tracepoint_user_put(struct tracepoint_user *tuser)
162 {
163 scoped_guard(mutex, &tracepoint_user_mutex) {
164 if (--tuser->refcount > 0)
165 return;
166
167 list_del(&tuser->list);
168 tracepoint_user_unregister(tuser);
169 }
170
171 __tracepoint_user_free(tuser);
172 }
173
174 DEFINE_FREE(tuser_put, struct tracepoint_user *,
175 if (!IS_ERR_OR_NULL(_T))
176 tracepoint_user_put(_T))
177
178 /*
179 * Fprobe event core functions
180 */
181
182 /*
183 * @tprobe is true for tracepoint probe.
184 * @tuser can be NULL if the trace_fprobe is disabled or the tracepoint is not
185 * loaded with a module. If @tuser != NULL, this trace_fprobe is enabled.
186 */
187 struct trace_fprobe {
188 struct dyn_event devent;
189 struct fprobe fp;
190 const char *symbol;
191 bool tprobe;
192 struct tracepoint_user *tuser;
193 struct trace_probe tp;
194 };
195
is_trace_fprobe(struct dyn_event * ev)196 static bool is_trace_fprobe(struct dyn_event *ev)
197 {
198 return ev->ops == &trace_fprobe_ops;
199 }
200
to_trace_fprobe(struct dyn_event * ev)201 static struct trace_fprobe *to_trace_fprobe(struct dyn_event *ev)
202 {
203 return container_of(ev, struct trace_fprobe, devent);
204 }
205
206 /**
207 * for_each_trace_fprobe - iterate over the trace_fprobe list
208 * @pos: the struct trace_fprobe * for each entry
209 * @dpos: the struct dyn_event * to use as a loop cursor
210 */
211 #define for_each_trace_fprobe(pos, dpos) \
212 for_each_dyn_event(dpos) \
213 if (is_trace_fprobe(dpos) && (pos = to_trace_fprobe(dpos)))
214
trace_fprobe_is_return(struct trace_fprobe * tf)215 static bool trace_fprobe_is_return(struct trace_fprobe *tf)
216 {
217 return tf->fp.exit_handler != NULL;
218 }
219
trace_fprobe_is_tracepoint(struct trace_fprobe * tf)220 static bool trace_fprobe_is_tracepoint(struct trace_fprobe *tf)
221 {
222 return tf->tprobe;
223 }
224
trace_fprobe_symbol(struct trace_fprobe * tf)225 static const char *trace_fprobe_symbol(struct trace_fprobe *tf)
226 {
227 return tf->symbol ? tf->symbol : "unknown";
228 }
229
trace_fprobe_is_busy(struct dyn_event * ev)230 static bool trace_fprobe_is_busy(struct dyn_event *ev)
231 {
232 struct trace_fprobe *tf = to_trace_fprobe(ev);
233
234 return trace_probe_is_enabled(&tf->tp);
235 }
236
trace_fprobe_match_command_head(struct trace_fprobe * tf,int argc,const char ** argv)237 static bool trace_fprobe_match_command_head(struct trace_fprobe *tf,
238 int argc, const char **argv)
239 {
240 char buf[MAX_ARGSTR_LEN + 1];
241
242 if (!argc)
243 return true;
244
245 snprintf(buf, sizeof(buf), "%s", trace_fprobe_symbol(tf));
246 if (strcmp(buf, argv[0]))
247 return false;
248 argc--; argv++;
249
250 return trace_probe_match_command_args(&tf->tp, argc, argv);
251 }
252
trace_fprobe_match(const char * system,const char * event,int argc,const char ** argv,struct dyn_event * ev)253 static bool trace_fprobe_match(const char *system, const char *event,
254 int argc, const char **argv, struct dyn_event *ev)
255 {
256 struct trace_fprobe *tf = to_trace_fprobe(ev);
257
258 if (event[0] != '\0' && strcmp(trace_probe_name(&tf->tp), event))
259 return false;
260
261 if (system && strcmp(trace_probe_group_name(&tf->tp), system))
262 return false;
263
264 return trace_fprobe_match_command_head(tf, argc, argv);
265 }
266
trace_fprobe_is_registered(struct trace_fprobe * tf)267 static bool trace_fprobe_is_registered(struct trace_fprobe *tf)
268 {
269 return fprobe_is_registered(&tf->fp);
270 }
271
272 /*
273 * Note that we don't verify the fetch_insn code, since it does not come
274 * from user space.
275 */
276 static int
process_fetch_insn(struct fetch_insn * code,void * rec,void * edata,void * dest,void * base)277 process_fetch_insn(struct fetch_insn *code, void *rec, void *edata,
278 void *dest, void *base)
279 {
280 struct ftrace_regs *fregs = rec;
281 unsigned long val;
282 int ret;
283
284 retry:
285 /* 1st stage: get value from context */
286 switch (code->op) {
287 case FETCH_OP_STACK:
288 val = ftrace_regs_get_kernel_stack_nth(fregs, code->param);
289 break;
290 case FETCH_OP_STACKP:
291 val = ftrace_regs_get_stack_pointer(fregs);
292 break;
293 case FETCH_OP_RETVAL:
294 val = ftrace_regs_get_return_value(fregs);
295 break;
296 #ifdef CONFIG_HAVE_FUNCTION_ARG_ACCESS_API
297 case FETCH_OP_ARG:
298 val = ftrace_regs_get_argument(fregs, code->param);
299 break;
300 case FETCH_OP_EDATA:
301 val = *(unsigned long *)((unsigned long)edata + code->offset);
302 break;
303 #endif
304 case FETCH_NOP_SYMBOL: /* Ignore a place holder */
305 code++;
306 goto retry;
307 default:
308 ret = process_common_fetch_insn(code, &val);
309 if (ret < 0)
310 return ret;
311 }
312 code++;
313
314 return process_fetch_insn_bottom(code, val, dest, base);
315 }
NOKPROBE_SYMBOL(process_fetch_insn)316 NOKPROBE_SYMBOL(process_fetch_insn)
317
318 /* function entry handler */
319 static nokprobe_inline void
320 __fentry_trace_func(struct trace_fprobe *tf, unsigned long entry_ip,
321 struct ftrace_regs *fregs,
322 struct trace_event_file *trace_file)
323 {
324 struct fentry_trace_entry_head *entry;
325 struct trace_event_call *call = trace_probe_event_call(&tf->tp);
326 struct trace_event_buffer fbuffer;
327 int dsize;
328
329 if (WARN_ON_ONCE(call != trace_file->event_call))
330 return;
331
332 if (trace_trigger_soft_disabled(trace_file))
333 return;
334
335 dsize = __get_data_size(&tf->tp, fregs, NULL);
336
337 entry = trace_event_buffer_reserve(&fbuffer, trace_file,
338 sizeof(*entry) + tf->tp.size + dsize);
339 if (!entry)
340 return;
341
342 fbuffer.regs = ftrace_get_regs(fregs);
343 entry = fbuffer.entry = ring_buffer_event_data(fbuffer.event);
344 entry->ip = entry_ip;
345 store_trace_args(&entry[1], &tf->tp, fregs, NULL, sizeof(*entry), dsize);
346
347 trace_event_buffer_commit(&fbuffer);
348 }
349
350 static void
fentry_trace_func(struct trace_fprobe * tf,unsigned long entry_ip,struct ftrace_regs * fregs)351 fentry_trace_func(struct trace_fprobe *tf, unsigned long entry_ip,
352 struct ftrace_regs *fregs)
353 {
354 struct event_file_link *link;
355
356 trace_probe_for_each_link_rcu(link, &tf->tp)
357 __fentry_trace_func(tf, entry_ip, fregs, link->file);
358 }
359 NOKPROBE_SYMBOL(fentry_trace_func);
360
361 static nokprobe_inline
store_fprobe_entry_data(void * edata,struct trace_probe * tp,struct ftrace_regs * fregs)362 void store_fprobe_entry_data(void *edata, struct trace_probe *tp, struct ftrace_regs *fregs)
363 {
364 struct probe_entry_arg *earg = tp->entry_arg;
365 unsigned long val = 0;
366 int i;
367
368 if (!earg)
369 return;
370
371 for (i = 0; i < earg->size; i++) {
372 struct fetch_insn *code = &earg->code[i];
373
374 switch (code->op) {
375 case FETCH_OP_ARG:
376 val = ftrace_regs_get_argument(fregs, code->param);
377 break;
378 case FETCH_OP_ST_EDATA:
379 *(unsigned long *)((unsigned long)edata + code->offset) = val;
380 break;
381 case FETCH_OP_END:
382 goto end;
383 default:
384 break;
385 }
386 }
387 end:
388 return;
389 }
390
391 /* function exit handler */
trace_fprobe_entry_handler(struct fprobe * fp,unsigned long entry_ip,unsigned long ret_ip,struct ftrace_regs * fregs,void * entry_data)392 static int trace_fprobe_entry_handler(struct fprobe *fp, unsigned long entry_ip,
393 unsigned long ret_ip, struct ftrace_regs *fregs,
394 void *entry_data)
395 {
396 struct trace_fprobe *tf = container_of(fp, struct trace_fprobe, fp);
397
398 if (tf->tp.entry_arg)
399 store_fprobe_entry_data(entry_data, &tf->tp, fregs);
400
401 return 0;
402 }
NOKPROBE_SYMBOL(trace_fprobe_entry_handler)403 NOKPROBE_SYMBOL(trace_fprobe_entry_handler)
404
405 static nokprobe_inline void
406 __fexit_trace_func(struct trace_fprobe *tf, unsigned long entry_ip,
407 unsigned long ret_ip, struct ftrace_regs *fregs,
408 void *entry_data, struct trace_event_file *trace_file)
409 {
410 struct fexit_trace_entry_head *entry;
411 struct trace_event_buffer fbuffer;
412 struct trace_event_call *call = trace_probe_event_call(&tf->tp);
413 int dsize;
414
415 if (WARN_ON_ONCE(call != trace_file->event_call))
416 return;
417
418 if (trace_trigger_soft_disabled(trace_file))
419 return;
420
421 dsize = __get_data_size(&tf->tp, fregs, entry_data);
422
423 entry = trace_event_buffer_reserve(&fbuffer, trace_file,
424 sizeof(*entry) + tf->tp.size + dsize);
425 if (!entry)
426 return;
427
428 fbuffer.regs = ftrace_get_regs(fregs);
429 entry = fbuffer.entry = ring_buffer_event_data(fbuffer.event);
430 entry->func = entry_ip;
431 entry->ret_ip = ret_ip;
432 store_trace_args(&entry[1], &tf->tp, fregs, entry_data, sizeof(*entry), dsize);
433
434 trace_event_buffer_commit(&fbuffer);
435 }
436
437 static void
fexit_trace_func(struct trace_fprobe * tf,unsigned long entry_ip,unsigned long ret_ip,struct ftrace_regs * fregs,void * entry_data)438 fexit_trace_func(struct trace_fprobe *tf, unsigned long entry_ip,
439 unsigned long ret_ip, struct ftrace_regs *fregs, void *entry_data)
440 {
441 struct event_file_link *link;
442
443 trace_probe_for_each_link_rcu(link, &tf->tp)
444 __fexit_trace_func(tf, entry_ip, ret_ip, fregs, entry_data, link->file);
445 }
446 NOKPROBE_SYMBOL(fexit_trace_func);
447
448 #ifdef CONFIG_PERF_EVENTS
449
fentry_perf_func(struct trace_fprobe * tf,unsigned long entry_ip,struct ftrace_regs * fregs)450 static int fentry_perf_func(struct trace_fprobe *tf, unsigned long entry_ip,
451 struct ftrace_regs *fregs)
452 {
453 struct trace_event_call *call = trace_probe_event_call(&tf->tp);
454 struct fentry_trace_entry_head *entry;
455 struct hlist_head *head;
456 int size, __size, dsize;
457 struct pt_regs *regs;
458 int rctx;
459
460 head = this_cpu_ptr(call->perf_events);
461 if (hlist_empty(head))
462 return 0;
463
464 dsize = __get_data_size(&tf->tp, fregs, NULL);
465 __size = sizeof(*entry) + tf->tp.size + dsize;
466 size = ALIGN(__size + sizeof(u32), sizeof(u64));
467 size -= sizeof(u32);
468
469 entry = perf_trace_buf_alloc(size, ®s, &rctx);
470 if (!entry)
471 return 0;
472
473 regs = ftrace_fill_perf_regs(fregs, regs);
474
475 entry->ip = entry_ip;
476 memset(&entry[1], 0, dsize);
477 store_trace_args(&entry[1], &tf->tp, fregs, NULL, sizeof(*entry), dsize);
478 perf_trace_buf_submit(entry, size, rctx, call->event.type, 1, regs,
479 head, NULL);
480 return 0;
481 }
482 NOKPROBE_SYMBOL(fentry_perf_func);
483
484 static void
fexit_perf_func(struct trace_fprobe * tf,unsigned long entry_ip,unsigned long ret_ip,struct ftrace_regs * fregs,void * entry_data)485 fexit_perf_func(struct trace_fprobe *tf, unsigned long entry_ip,
486 unsigned long ret_ip, struct ftrace_regs *fregs,
487 void *entry_data)
488 {
489 struct trace_event_call *call = trace_probe_event_call(&tf->tp);
490 struct fexit_trace_entry_head *entry;
491 struct hlist_head *head;
492 int size, __size, dsize;
493 struct pt_regs *regs;
494 int rctx;
495
496 head = this_cpu_ptr(call->perf_events);
497 if (hlist_empty(head))
498 return;
499
500 dsize = __get_data_size(&tf->tp, fregs, entry_data);
501 __size = sizeof(*entry) + tf->tp.size + dsize;
502 size = ALIGN(__size + sizeof(u32), sizeof(u64));
503 size -= sizeof(u32);
504
505 entry = perf_trace_buf_alloc(size, ®s, &rctx);
506 if (!entry)
507 return;
508
509 regs = ftrace_fill_perf_regs(fregs, regs);
510
511 entry->func = entry_ip;
512 entry->ret_ip = ret_ip;
513 store_trace_args(&entry[1], &tf->tp, fregs, entry_data, sizeof(*entry), dsize);
514 perf_trace_buf_submit(entry, size, rctx, call->event.type, 1, regs,
515 head, NULL);
516 }
517 NOKPROBE_SYMBOL(fexit_perf_func);
518 #endif /* CONFIG_PERF_EVENTS */
519
fentry_dispatcher(struct fprobe * fp,unsigned long entry_ip,unsigned long ret_ip,struct ftrace_regs * fregs,void * entry_data)520 static int fentry_dispatcher(struct fprobe *fp, unsigned long entry_ip,
521 unsigned long ret_ip, struct ftrace_regs *fregs,
522 void *entry_data)
523 {
524 struct trace_fprobe *tf = container_of(fp, struct trace_fprobe, fp);
525 int ret = 0;
526
527 if (trace_probe_test_flag(&tf->tp, TP_FLAG_TRACE))
528 fentry_trace_func(tf, entry_ip, fregs);
529
530 #ifdef CONFIG_PERF_EVENTS
531 if (trace_probe_test_flag(&tf->tp, TP_FLAG_PROFILE))
532 ret = fentry_perf_func(tf, entry_ip, fregs);
533 #endif
534 return ret;
535 }
536 NOKPROBE_SYMBOL(fentry_dispatcher);
537
fexit_dispatcher(struct fprobe * fp,unsigned long entry_ip,unsigned long ret_ip,struct ftrace_regs * fregs,void * entry_data)538 static void fexit_dispatcher(struct fprobe *fp, unsigned long entry_ip,
539 unsigned long ret_ip, struct ftrace_regs *fregs,
540 void *entry_data)
541 {
542 struct trace_fprobe *tf = container_of(fp, struct trace_fprobe, fp);
543
544 if (trace_probe_test_flag(&tf->tp, TP_FLAG_TRACE))
545 fexit_trace_func(tf, entry_ip, ret_ip, fregs, entry_data);
546 #ifdef CONFIG_PERF_EVENTS
547 if (trace_probe_test_flag(&tf->tp, TP_FLAG_PROFILE))
548 fexit_perf_func(tf, entry_ip, ret_ip, fregs, entry_data);
549 #endif
550 }
551 NOKPROBE_SYMBOL(fexit_dispatcher);
552
free_trace_fprobe(struct trace_fprobe * tf)553 static void free_trace_fprobe(struct trace_fprobe *tf)
554 {
555 if (tf) {
556 trace_probe_cleanup(&tf->tp);
557 if (tf->tuser)
558 tracepoint_user_put(tf->tuser);
559 kfree(tf->symbol);
560 kfree(tf);
561 }
562 }
563
564 /* Since alloc_trace_fprobe() can return error, check the pointer is ERR too. */
565 DEFINE_FREE(free_trace_fprobe, struct trace_fprobe *, if (!IS_ERR_OR_NULL(_T)) free_trace_fprobe(_T))
566
567 /*
568 * Allocate new trace_probe and initialize it (including fprobe).
569 */
alloc_trace_fprobe(const char * group,const char * event,const char * symbol,int nargs,bool is_return,bool is_tracepoint)570 static struct trace_fprobe *alloc_trace_fprobe(const char *group,
571 const char *event,
572 const char *symbol,
573 int nargs, bool is_return,
574 bool is_tracepoint)
575 {
576 struct trace_fprobe *tf __free(free_trace_fprobe) = NULL;
577 int ret = -ENOMEM;
578
579 tf = kzalloc(struct_size(tf, tp.args, nargs), GFP_KERNEL);
580 if (!tf)
581 return ERR_PTR(ret);
582
583 tf->symbol = kstrdup(symbol, GFP_KERNEL);
584 if (!tf->symbol)
585 return ERR_PTR(-ENOMEM);
586
587 if (is_return)
588 tf->fp.exit_handler = fexit_dispatcher;
589 else
590 tf->fp.entry_handler = fentry_dispatcher;
591
592 tf->tprobe = is_tracepoint;
593
594 ret = trace_probe_init(&tf->tp, event, group, false, nargs);
595 if (ret < 0)
596 return ERR_PTR(ret);
597
598 dyn_event_init(&tf->devent, &trace_fprobe_ops);
599 return_ptr(tf);
600 }
601
find_trace_fprobe(const char * event,const char * group)602 static struct trace_fprobe *find_trace_fprobe(const char *event,
603 const char *group)
604 {
605 struct dyn_event *pos;
606 struct trace_fprobe *tf;
607
608 for_each_trace_fprobe(tf, pos)
609 if (strcmp(trace_probe_name(&tf->tp), event) == 0 &&
610 strcmp(trace_probe_group_name(&tf->tp), group) == 0)
611 return tf;
612 return NULL;
613 }
614
615 /* Event entry printers */
616 static enum print_line_t
print_fentry_event(struct trace_iterator * iter,int flags,struct trace_event * event)617 print_fentry_event(struct trace_iterator *iter, int flags,
618 struct trace_event *event)
619 {
620 struct fentry_trace_entry_head *field;
621 struct trace_seq *s = &iter->seq;
622 struct trace_probe *tp;
623
624 field = (struct fentry_trace_entry_head *)iter->ent;
625 tp = trace_probe_primary_from_call(
626 container_of(event, struct trace_event_call, event));
627 if (WARN_ON_ONCE(!tp))
628 goto out;
629
630 trace_seq_printf(s, "%s: (", trace_probe_name(tp));
631
632 if (!seq_print_ip_sym(s, field->ip, flags | TRACE_ITER_SYM_OFFSET))
633 goto out;
634
635 trace_seq_putc(s, ')');
636
637 if (trace_probe_print_args(s, tp->args, tp->nr_args,
638 (u8 *)&field[1], field) < 0)
639 goto out;
640
641 trace_seq_putc(s, '\n');
642 out:
643 return trace_handle_return(s);
644 }
645
646 static enum print_line_t
print_fexit_event(struct trace_iterator * iter,int flags,struct trace_event * event)647 print_fexit_event(struct trace_iterator *iter, int flags,
648 struct trace_event *event)
649 {
650 struct fexit_trace_entry_head *field;
651 struct trace_seq *s = &iter->seq;
652 struct trace_probe *tp;
653
654 field = (struct fexit_trace_entry_head *)iter->ent;
655 tp = trace_probe_primary_from_call(
656 container_of(event, struct trace_event_call, event));
657 if (WARN_ON_ONCE(!tp))
658 goto out;
659
660 trace_seq_printf(s, "%s: (", trace_probe_name(tp));
661
662 if (!seq_print_ip_sym(s, field->ret_ip, flags | TRACE_ITER_SYM_OFFSET))
663 goto out;
664
665 trace_seq_puts(s, " <- ");
666
667 if (!seq_print_ip_sym(s, field->func, flags & ~TRACE_ITER_SYM_OFFSET))
668 goto out;
669
670 trace_seq_putc(s, ')');
671
672 if (trace_probe_print_args(s, tp->args, tp->nr_args,
673 (u8 *)&field[1], field) < 0)
674 goto out;
675
676 trace_seq_putc(s, '\n');
677
678 out:
679 return trace_handle_return(s);
680 }
681
fentry_event_define_fields(struct trace_event_call * event_call)682 static int fentry_event_define_fields(struct trace_event_call *event_call)
683 {
684 int ret;
685 struct fentry_trace_entry_head field;
686 struct trace_probe *tp;
687
688 tp = trace_probe_primary_from_call(event_call);
689 if (WARN_ON_ONCE(!tp))
690 return -ENOENT;
691
692 DEFINE_FIELD(unsigned long, ip, FIELD_STRING_IP, 0);
693
694 return traceprobe_define_arg_fields(event_call, sizeof(field), tp);
695 }
696
fexit_event_define_fields(struct trace_event_call * event_call)697 static int fexit_event_define_fields(struct trace_event_call *event_call)
698 {
699 int ret;
700 struct fexit_trace_entry_head field;
701 struct trace_probe *tp;
702
703 tp = trace_probe_primary_from_call(event_call);
704 if (WARN_ON_ONCE(!tp))
705 return -ENOENT;
706
707 DEFINE_FIELD(unsigned long, func, FIELD_STRING_FUNC, 0);
708 DEFINE_FIELD(unsigned long, ret_ip, FIELD_STRING_RETIP, 0);
709
710 return traceprobe_define_arg_fields(event_call, sizeof(field), tp);
711 }
712
713 static struct trace_event_functions fentry_funcs = {
714 .trace = print_fentry_event
715 };
716
717 static struct trace_event_functions fexit_funcs = {
718 .trace = print_fexit_event
719 };
720
721 static struct trace_event_fields fentry_fields_array[] = {
722 { .type = TRACE_FUNCTION_TYPE,
723 .define_fields = fentry_event_define_fields },
724 {}
725 };
726
727 static struct trace_event_fields fexit_fields_array[] = {
728 { .type = TRACE_FUNCTION_TYPE,
729 .define_fields = fexit_event_define_fields },
730 {}
731 };
732
733 static int fprobe_register(struct trace_event_call *event,
734 enum trace_reg type, void *data);
735
init_trace_event_call(struct trace_fprobe * tf)736 static inline void init_trace_event_call(struct trace_fprobe *tf)
737 {
738 struct trace_event_call *call = trace_probe_event_call(&tf->tp);
739
740 if (trace_fprobe_is_return(tf)) {
741 call->event.funcs = &fexit_funcs;
742 call->class->fields_array = fexit_fields_array;
743 } else {
744 call->event.funcs = &fentry_funcs;
745 call->class->fields_array = fentry_fields_array;
746 }
747
748 call->flags = TRACE_EVENT_FL_FPROBE;
749 call->class->reg = fprobe_register;
750 }
751
register_fprobe_event(struct trace_fprobe * tf)752 static int register_fprobe_event(struct trace_fprobe *tf)
753 {
754 init_trace_event_call(tf);
755
756 return trace_probe_register_event_call(&tf->tp);
757 }
758
unregister_fprobe_event(struct trace_fprobe * tf)759 static int unregister_fprobe_event(struct trace_fprobe *tf)
760 {
761 return trace_probe_unregister_event_call(&tf->tp);
762 }
763
__regsiter_tracepoint_fprobe(struct trace_fprobe * tf)764 static int __regsiter_tracepoint_fprobe(struct trace_fprobe *tf)
765 {
766 struct tracepoint_user *tuser __free(tuser_put) = NULL;
767 struct module *mod __free(module_put) = NULL;
768 unsigned long ip;
769 int ret;
770
771 if (WARN_ON_ONCE(tf->tuser))
772 return -EINVAL;
773
774 /* If the tracepoint is in a module, it must be locked in this function. */
775 tuser = tracepoint_user_find_get(tf->symbol, &mod);
776 /* This tracepoint is not loaded yet */
777 if (IS_ERR(tuser))
778 return PTR_ERR(tuser);
779 if (!tuser)
780 return -ENOMEM;
781
782 /* Register fprobe only if the tracepoint is loaded. */
783 if (tuser->tpoint) {
784 ip = tracepoint_user_ip(tuser);
785 if (WARN_ON_ONCE(!ip))
786 return -ENOENT;
787
788 ret = register_fprobe_ips(&tf->fp, &ip, 1);
789 if (ret < 0)
790 return ret;
791 }
792
793 tf->tuser = no_free_ptr(tuser);
794 return 0;
795 }
796
797 /* Returns an error if the target function is not available, or 0 */
trace_fprobe_verify_target(struct trace_fprobe * tf)798 static int trace_fprobe_verify_target(struct trace_fprobe *tf)
799 {
800 int ret;
801
802 /* Tracepoint should have a stub function. */
803 if (trace_fprobe_is_tracepoint(tf))
804 return 0;
805
806 /*
807 * Note: since we don't lock the module, even if this succeeded,
808 * register_fprobe() later can fail.
809 */
810 ret = fprobe_count_ips_from_filter(tf->symbol, NULL);
811 return (ret < 0) ? ret : 0;
812 }
813
814 /* Internal register function - just handle fprobe and flags */
__register_trace_fprobe(struct trace_fprobe * tf)815 static int __register_trace_fprobe(struct trace_fprobe *tf)
816 {
817 int i, ret;
818
819 /* Should we need new LOCKDOWN flag for fprobe? */
820 ret = security_locked_down(LOCKDOWN_KPROBES);
821 if (ret)
822 return ret;
823
824 if (trace_fprobe_is_registered(tf))
825 return -EINVAL;
826
827 for (i = 0; i < tf->tp.nr_args; i++) {
828 ret = traceprobe_update_arg(&tf->tp.args[i]);
829 if (ret)
830 return ret;
831 }
832
833 tf->fp.flags &= ~FPROBE_FL_DISABLED;
834
835 if (trace_fprobe_is_tracepoint(tf))
836 return __regsiter_tracepoint_fprobe(tf);
837
838 /* TODO: handle filter, nofilter or symbol list */
839 return register_fprobe(&tf->fp, tf->symbol, NULL);
840 }
841
842 /* Internal unregister function - just handle fprobe and flags */
__unregister_trace_fprobe(struct trace_fprobe * tf)843 static void __unregister_trace_fprobe(struct trace_fprobe *tf)
844 {
845 if (trace_fprobe_is_registered(tf))
846 unregister_fprobe(&tf->fp);
847 if (tf->tuser) {
848 tracepoint_user_put(tf->tuser);
849 tf->tuser = NULL;
850 }
851 }
852
853 /* TODO: make this trace_*probe common function */
854 /* Unregister a trace_probe and probe_event */
unregister_trace_fprobe(struct trace_fprobe * tf)855 static int unregister_trace_fprobe(struct trace_fprobe *tf)
856 {
857 /* If other probes are on the event, just unregister fprobe */
858 if (trace_probe_has_sibling(&tf->tp))
859 goto unreg;
860
861 /* Enabled event can not be unregistered */
862 if (trace_probe_is_enabled(&tf->tp))
863 return -EBUSY;
864
865 /* If there's a reference to the dynamic event */
866 if (trace_event_dyn_busy(trace_probe_event_call(&tf->tp)))
867 return -EBUSY;
868
869 /* Will fail if probe is being used by ftrace or perf */
870 if (unregister_fprobe_event(tf))
871 return -EBUSY;
872
873 unreg:
874 __unregister_trace_fprobe(tf);
875 dyn_event_remove(&tf->devent);
876 trace_probe_unlink(&tf->tp);
877
878 return 0;
879 }
880
trace_fprobe_has_same_fprobe(struct trace_fprobe * orig,struct trace_fprobe * comp)881 static bool trace_fprobe_has_same_fprobe(struct trace_fprobe *orig,
882 struct trace_fprobe *comp)
883 {
884 struct trace_probe_event *tpe = orig->tp.event;
885 int i;
886
887 list_for_each_entry(orig, &tpe->probes, tp.list) {
888 if (strcmp(trace_fprobe_symbol(orig),
889 trace_fprobe_symbol(comp)))
890 continue;
891
892 /*
893 * trace_probe_compare_arg_type() ensured that nr_args and
894 * each argument name and type are same. Let's compare comm.
895 */
896 for (i = 0; i < orig->tp.nr_args; i++) {
897 if (strcmp(orig->tp.args[i].comm,
898 comp->tp.args[i].comm))
899 break;
900 }
901
902 if (i == orig->tp.nr_args)
903 return true;
904 }
905
906 return false;
907 }
908
append_trace_fprobe_event(struct trace_fprobe * tf,struct trace_fprobe * to)909 static int append_trace_fprobe_event(struct trace_fprobe *tf, struct trace_fprobe *to)
910 {
911 int ret;
912
913 if (trace_fprobe_is_return(tf) != trace_fprobe_is_return(to) ||
914 trace_fprobe_is_tracepoint(tf) != trace_fprobe_is_tracepoint(to)) {
915 trace_probe_log_set_index(0);
916 trace_probe_log_err(0, DIFF_PROBE_TYPE);
917 return -EEXIST;
918 }
919 ret = trace_probe_compare_arg_type(&tf->tp, &to->tp);
920 if (ret) {
921 /* Note that argument starts index = 2 */
922 trace_probe_log_set_index(ret + 1);
923 trace_probe_log_err(0, DIFF_ARG_TYPE);
924 return -EEXIST;
925 }
926 if (trace_fprobe_has_same_fprobe(to, tf)) {
927 trace_probe_log_set_index(0);
928 trace_probe_log_err(0, SAME_PROBE);
929 return -EEXIST;
930 }
931
932 /* Append to existing event */
933 ret = trace_probe_append(&tf->tp, &to->tp);
934 if (ret)
935 return ret;
936
937 ret = trace_fprobe_verify_target(tf);
938 if (ret)
939 trace_probe_unlink(&tf->tp);
940 else
941 dyn_event_add(&tf->devent, trace_probe_event_call(&tf->tp));
942
943 return ret;
944 }
945
946 /* Register a trace_probe and probe_event, and check the fprobe is available. */
register_trace_fprobe_event(struct trace_fprobe * tf)947 static int register_trace_fprobe_event(struct trace_fprobe *tf)
948 {
949 struct trace_fprobe *old_tf;
950 int ret;
951
952 guard(mutex)(&event_mutex);
953
954 old_tf = find_trace_fprobe(trace_probe_name(&tf->tp),
955 trace_probe_group_name(&tf->tp));
956 if (old_tf)
957 return append_trace_fprobe_event(tf, old_tf);
958
959 /* Register new event */
960 ret = register_fprobe_event(tf);
961 if (ret) {
962 if (ret == -EEXIST) {
963 trace_probe_log_set_index(0);
964 trace_probe_log_err(0, EVENT_EXIST);
965 } else
966 pr_warn("Failed to register probe event(%d)\n", ret);
967 return ret;
968 }
969
970 /* Verify fprobe is sane. */
971 ret = trace_fprobe_verify_target(tf);
972 if (ret < 0)
973 unregister_fprobe_event(tf);
974 else
975 dyn_event_add(&tf->devent, trace_probe_event_call(&tf->tp));
976
977 return ret;
978 }
979
980 struct __find_tracepoint_cb_data {
981 const char *tp_name;
982 struct tracepoint *tpoint;
983 struct module *mod;
984 };
985
__find_tracepoint_module_cb(struct tracepoint * tp,struct module * mod,void * priv)986 static void __find_tracepoint_module_cb(struct tracepoint *tp, struct module *mod, void *priv)
987 {
988 struct __find_tracepoint_cb_data *data = priv;
989
990 if (!data->tpoint && !strcmp(data->tp_name, tp->name)) {
991 /* If module is not specified, try getting module refcount. */
992 if (!data->mod && mod) {
993 /* If failed to get refcount, ignore this tracepoint. */
994 if (!try_module_get(mod))
995 return;
996
997 data->mod = mod;
998 }
999 data->tpoint = tp;
1000 }
1001 }
1002
__find_tracepoint_cb(struct tracepoint * tp,void * priv)1003 static void __find_tracepoint_cb(struct tracepoint *tp, void *priv)
1004 {
1005 struct __find_tracepoint_cb_data *data = priv;
1006
1007 if (!data->tpoint && !strcmp(data->tp_name, tp->name))
1008 data->tpoint = tp;
1009 }
1010
1011 /*
1012 * Find a tracepoint from kernel and module. If the tracepoint is on the module,
1013 * the module's refcount is incremented and returned as *@tp_mod. Thus, if it is
1014 * not NULL, caller must call module_put(*tp_mod) after used the tracepoint.
1015 */
find_tracepoint(const char * tp_name,struct module ** tp_mod)1016 static struct tracepoint *find_tracepoint(const char *tp_name,
1017 struct module **tp_mod)
1018 {
1019 struct __find_tracepoint_cb_data data = {
1020 .tp_name = tp_name,
1021 .mod = NULL,
1022 };
1023
1024 for_each_kernel_tracepoint(__find_tracepoint_cb, &data);
1025
1026 if (!data.tpoint && IS_ENABLED(CONFIG_MODULES)) {
1027 for_each_module_tracepoint(__find_tracepoint_module_cb, &data);
1028 *tp_mod = data.mod;
1029 }
1030
1031 return data.tpoint;
1032 }
1033
1034 #ifdef CONFIG_MODULES
1035 /*
1036 * Find a tracepoint from specified module. In this case, this does not get the
1037 * module's refcount. The caller must ensure the module is not freed.
1038 */
find_tracepoint_in_module(struct module * mod,const char * tp_name)1039 static struct tracepoint *find_tracepoint_in_module(struct module *mod,
1040 const char *tp_name)
1041 {
1042 struct __find_tracepoint_cb_data data = {
1043 .tp_name = tp_name,
1044 .mod = mod,
1045 };
1046
1047 for_each_tracepoint_in_module(mod, __find_tracepoint_module_cb, &data);
1048 return data.tpoint;
1049 }
1050
1051 /* These are CONFIG_MODULES=y specific functions. */
tracepoint_user_within_module(struct tracepoint_user * tuser,struct module * mod)1052 static bool tracepoint_user_within_module(struct tracepoint_user *tuser,
1053 struct module *mod)
1054 {
1055 return within_module(tracepoint_user_ip(tuser), mod);
1056 }
1057
tracepoint_user_register_again(struct tracepoint_user * tuser,struct tracepoint * tpoint)1058 static int tracepoint_user_register_again(struct tracepoint_user *tuser,
1059 struct tracepoint *tpoint)
1060 {
1061 tuser->tpoint = tpoint;
1062 return tracepoint_user_register(tuser);
1063 }
1064
tracepoint_user_unregister_clear(struct tracepoint_user * tuser)1065 static void tracepoint_user_unregister_clear(struct tracepoint_user *tuser)
1066 {
1067 tracepoint_user_unregister(tuser);
1068 tuser->tpoint = NULL;
1069 }
1070
1071 /* module callback for tracepoint_user */
__tracepoint_probe_module_cb(struct notifier_block * self,unsigned long val,void * data)1072 static int __tracepoint_probe_module_cb(struct notifier_block *self,
1073 unsigned long val, void *data)
1074 {
1075 struct tp_module *tp_mod = data;
1076 struct tracepoint_user *tuser;
1077 struct tracepoint *tpoint;
1078
1079 if (val != MODULE_STATE_GOING && val != MODULE_STATE_COMING)
1080 return NOTIFY_DONE;
1081
1082 mutex_lock(&tracepoint_user_mutex);
1083 for_each_tracepoint_user(tuser) {
1084 if (val == MODULE_STATE_COMING) {
1085 /* This is not a tracepoint in this module. Skip it. */
1086 tpoint = find_tracepoint_in_module(tp_mod->mod, tuser->name);
1087 if (!tpoint)
1088 continue;
1089 WARN_ON_ONCE(tracepoint_user_register_again(tuser, tpoint));
1090 } else if (val == MODULE_STATE_GOING &&
1091 tracepoint_user_within_module(tuser, tp_mod->mod)) {
1092 /* Unregister all tracepoint_user in this module. */
1093 tracepoint_user_unregister_clear(tuser);
1094 }
1095 }
1096 mutex_unlock(&tracepoint_user_mutex);
1097
1098 return NOTIFY_DONE;
1099 }
1100
1101 static struct notifier_block tracepoint_module_nb = {
1102 .notifier_call = __tracepoint_probe_module_cb,
1103 };
1104
1105 /* module callback for tprobe events */
__tprobe_event_module_cb(struct notifier_block * self,unsigned long val,void * data)1106 static int __tprobe_event_module_cb(struct notifier_block *self,
1107 unsigned long val, void *data)
1108 {
1109 struct trace_fprobe *tf;
1110 struct dyn_event *pos;
1111 struct module *mod = data;
1112
1113 if (val != MODULE_STATE_GOING && val != MODULE_STATE_COMING)
1114 return NOTIFY_DONE;
1115
1116 mutex_lock(&event_mutex);
1117 for_each_trace_fprobe(tf, pos) {
1118 /* Skip fprobe and disabled tprobe events. */
1119 if (!trace_fprobe_is_tracepoint(tf) || !tf->tuser)
1120 continue;
1121
1122 /* Before this notification, tracepoint notifier has already done. */
1123 if (val == MODULE_STATE_COMING &&
1124 tracepoint_user_within_module(tf->tuser, mod)) {
1125 unsigned long ip = tracepoint_user_ip(tf->tuser);
1126
1127 WARN_ON_ONCE(register_fprobe_ips(&tf->fp, &ip, 1));
1128 } else if (val == MODULE_STATE_GOING &&
1129 /*
1130 * tracepoint_user_within_module() does not work here because
1131 * tracepoint_user is already unregistered and cleared tpoint.
1132 * Instead, checking whether the fprobe is registered but
1133 * tpoint is cleared(unregistered). Such unbalance probes
1134 * must be adjusted anyway.
1135 */
1136 trace_fprobe_is_registered(tf) &&
1137 !tf->tuser->tpoint) {
1138 unregister_fprobe(&tf->fp);
1139 }
1140 }
1141 mutex_unlock(&event_mutex);
1142
1143 return NOTIFY_DONE;
1144 }
1145
1146 /* NOTE: this must be called after tracepoint callback */
1147 static struct notifier_block tprobe_event_module_nb = {
1148 .notifier_call = __tprobe_event_module_cb,
1149 /* Make sure this is later than tracepoint module notifier. */
1150 .priority = -10,
1151 };
1152 #endif /* CONFIG_MODULES */
1153
parse_symbol_and_return(int argc,const char * argv[],char ** symbol,bool * is_return,bool is_tracepoint)1154 static int parse_symbol_and_return(int argc, const char *argv[],
1155 char **symbol, bool *is_return,
1156 bool is_tracepoint)
1157 {
1158 char *tmp = strchr(argv[1], '%');
1159 int i;
1160
1161 if (tmp) {
1162 int len = tmp - argv[1];
1163
1164 if (!is_tracepoint && !strcmp(tmp, "%return")) {
1165 *is_return = true;
1166 } else {
1167 trace_probe_log_err(len, BAD_ADDR_SUFFIX);
1168 return -EINVAL;
1169 }
1170 *symbol = kmemdup_nul(argv[1], len, GFP_KERNEL);
1171 } else
1172 *symbol = kstrdup(argv[1], GFP_KERNEL);
1173 if (!*symbol)
1174 return -ENOMEM;
1175
1176 if (*is_return)
1177 return 0;
1178
1179 if (is_tracepoint) {
1180 tmp = *symbol;
1181 while (*tmp && (isalnum(*tmp) || *tmp == '_'))
1182 tmp++;
1183 if (*tmp) {
1184 /* find a wrong character. */
1185 trace_probe_log_err(tmp - *symbol, BAD_TP_NAME);
1186 kfree(*symbol);
1187 *symbol = NULL;
1188 return -EINVAL;
1189 }
1190 }
1191
1192 /* If there is $retval, this should be a return fprobe. */
1193 for (i = 2; i < argc; i++) {
1194 tmp = strstr(argv[i], "$retval");
1195 if (tmp && !isalnum(tmp[7]) && tmp[7] != '_') {
1196 if (is_tracepoint) {
1197 trace_probe_log_set_index(i);
1198 trace_probe_log_err(tmp - argv[i], RETVAL_ON_PROBE);
1199 kfree(*symbol);
1200 *symbol = NULL;
1201 return -EINVAL;
1202 }
1203 *is_return = true;
1204 break;
1205 }
1206 }
1207 return 0;
1208 }
1209
trace_fprobe_create_internal(int argc,const char * argv[],struct traceprobe_parse_context * ctx)1210 static int trace_fprobe_create_internal(int argc, const char *argv[],
1211 struct traceprobe_parse_context *ctx)
1212 {
1213 /*
1214 * Argument syntax:
1215 * - Add fentry probe:
1216 * f[:[GRP/][EVENT]] [MOD:]KSYM [FETCHARGS]
1217 * - Add fexit probe:
1218 * f[N][:[GRP/][EVENT]] [MOD:]KSYM%return [FETCHARGS]
1219 * - Add tracepoint probe:
1220 * t[:[GRP/][EVENT]] TRACEPOINT [FETCHARGS]
1221 *
1222 * Fetch args:
1223 * $retval : fetch return value
1224 * $stack : fetch stack address
1225 * $stackN : fetch Nth entry of stack (N:0-)
1226 * $argN : fetch Nth argument (N:1-)
1227 * $comm : fetch current task comm
1228 * @ADDR : fetch memory at ADDR (ADDR should be in kernel)
1229 * @SYM[+|-offs] : fetch memory at SYM +|- offs (SYM is a data symbol)
1230 * Dereferencing memory fetch:
1231 * +|-offs(ARG) : fetch memory at ARG +|- offs address.
1232 * Alias name of args:
1233 * NAME=FETCHARG : set NAME as alias of FETCHARG.
1234 * Type of args:
1235 * FETCHARG:TYPE : use TYPE instead of unsigned long.
1236 */
1237 struct trace_fprobe *tf __free(free_trace_fprobe) = NULL;
1238 const char *event = NULL, *group = FPROBE_EVENT_SYSTEM;
1239 struct module *mod __free(module_put) = NULL;
1240 const char **new_argv __free(kfree) = NULL;
1241 char *symbol __free(kfree) = NULL;
1242 char *ebuf __free(kfree) = NULL;
1243 char *gbuf __free(kfree) = NULL;
1244 char *sbuf __free(kfree) = NULL;
1245 char *abuf __free(kfree) = NULL;
1246 char *dbuf __free(kfree) = NULL;
1247 int i, new_argc = 0, ret = 0;
1248 bool is_tracepoint = false;
1249 bool is_return = false;
1250
1251 if ((argv[0][0] != 'f' && argv[0][0] != 't') || argc < 2)
1252 return -ECANCELED;
1253
1254 if (argv[0][0] == 't') {
1255 is_tracepoint = true;
1256 group = TRACEPOINT_EVENT_SYSTEM;
1257 }
1258
1259 if (argv[0][1] != '\0') {
1260 if (argv[0][1] != ':') {
1261 trace_probe_log_set_index(0);
1262 trace_probe_log_err(1, BAD_MAXACT);
1263 return -EINVAL;
1264 }
1265 event = &argv[0][2];
1266 }
1267
1268 trace_probe_log_set_index(1);
1269
1270 /* a symbol(or tracepoint) must be specified */
1271 ret = parse_symbol_and_return(argc, argv, &symbol, &is_return, is_tracepoint);
1272 if (ret < 0)
1273 return -EINVAL;
1274
1275 trace_probe_log_set_index(0);
1276 if (event) {
1277 gbuf = kmalloc(MAX_EVENT_NAME_LEN, GFP_KERNEL);
1278 if (!gbuf)
1279 return -ENOMEM;
1280 ret = traceprobe_parse_event_name(&event, &group, gbuf,
1281 event - argv[0]);
1282 if (ret)
1283 return -EINVAL;
1284 }
1285
1286 if (!event) {
1287 ebuf = kmalloc(MAX_EVENT_NAME_LEN, GFP_KERNEL);
1288 if (!ebuf)
1289 return -ENOMEM;
1290 /* Make a new event name */
1291 if (is_tracepoint)
1292 snprintf(ebuf, MAX_EVENT_NAME_LEN, "%s%s",
1293 isdigit(*symbol) ? "_" : "", symbol);
1294 else
1295 snprintf(ebuf, MAX_EVENT_NAME_LEN, "%s__%s", symbol,
1296 is_return ? "exit" : "entry");
1297 sanitize_event_name(ebuf);
1298 event = ebuf;
1299 }
1300
1301 if (is_return)
1302 ctx->flags |= TPARG_FL_RETURN;
1303 else
1304 ctx->flags |= TPARG_FL_FENTRY;
1305
1306 ctx->funcname = NULL;
1307 if (is_tracepoint) {
1308 /* Get tracepoint and lock its module until the end of the registration. */
1309 struct tracepoint *tpoint;
1310
1311 ctx->flags |= TPARG_FL_TPOINT;
1312 mod = NULL;
1313 tpoint = find_tracepoint(symbol, &mod);
1314 if (tpoint) {
1315 sbuf = kmalloc(KSYM_NAME_LEN, GFP_KERNEL);
1316 if (!sbuf)
1317 return -ENOMEM;
1318 ctx->funcname = kallsyms_lookup((unsigned long)tpoint->probestub,
1319 NULL, NULL, NULL, sbuf);
1320 }
1321 }
1322 if (!ctx->funcname)
1323 ctx->funcname = symbol;
1324
1325 abuf = kmalloc(MAX_BTF_ARGS_LEN, GFP_KERNEL);
1326 if (!abuf)
1327 return -ENOMEM;
1328 argc -= 2; argv += 2;
1329 new_argv = traceprobe_expand_meta_args(argc, argv, &new_argc,
1330 abuf, MAX_BTF_ARGS_LEN, ctx);
1331 if (IS_ERR(new_argv))
1332 return PTR_ERR(new_argv);
1333 if (new_argv) {
1334 argc = new_argc;
1335 argv = new_argv;
1336 }
1337 if (argc > MAX_TRACE_ARGS) {
1338 trace_probe_log_set_index(2);
1339 trace_probe_log_err(0, TOO_MANY_ARGS);
1340 return -E2BIG;
1341 }
1342
1343 ret = traceprobe_expand_dentry_args(argc, argv, &dbuf);
1344 if (ret)
1345 return ret;
1346
1347 /* setup a probe */
1348 tf = alloc_trace_fprobe(group, event, symbol, argc, is_return, is_tracepoint);
1349 if (IS_ERR(tf)) {
1350 ret = PTR_ERR(tf);
1351 /* This must return -ENOMEM, else there is a bug */
1352 WARN_ON_ONCE(ret != -ENOMEM);
1353 return ret;
1354 }
1355
1356 /* parse arguments */
1357 for (i = 0; i < argc; i++) {
1358 trace_probe_log_set_index(i + 2);
1359 ctx->offset = 0;
1360 ret = traceprobe_parse_probe_arg(&tf->tp, i, argv[i], ctx);
1361 if (ret)
1362 return ret; /* This can be -ENOMEM */
1363 }
1364
1365 if (is_return && tf->tp.entry_arg) {
1366 tf->fp.entry_handler = trace_fprobe_entry_handler;
1367 tf->fp.entry_data_size = traceprobe_get_entry_data_size(&tf->tp);
1368 if (ALIGN(tf->fp.entry_data_size, sizeof(long)) > MAX_FPROBE_DATA_SIZE) {
1369 trace_probe_log_set_index(2);
1370 trace_probe_log_err(0, TOO_MANY_EARGS);
1371 return -E2BIG;
1372 }
1373 }
1374
1375 ret = traceprobe_set_print_fmt(&tf->tp,
1376 is_return ? PROBE_PRINT_RETURN : PROBE_PRINT_NORMAL);
1377 if (ret < 0)
1378 return ret;
1379
1380 ret = register_trace_fprobe_event(tf);
1381 if (ret) {
1382 trace_probe_log_set_index(1);
1383 if (ret == -EILSEQ)
1384 trace_probe_log_err(0, BAD_INSN_BNDRY);
1385 else if (ret == -ENOENT)
1386 trace_probe_log_err(0, BAD_PROBE_ADDR);
1387 else if (ret != -ENOMEM && ret != -EEXIST)
1388 trace_probe_log_err(0, FAIL_REG_PROBE);
1389 return -EINVAL;
1390 }
1391
1392 /* 'tf' is successfully registered. To avoid freeing, assign NULL. */
1393 tf = NULL;
1394
1395 return 0;
1396 }
1397
trace_fprobe_create_cb(int argc,const char * argv[])1398 static int trace_fprobe_create_cb(int argc, const char *argv[])
1399 {
1400 struct traceprobe_parse_context *ctx __free(traceprobe_parse_context) = NULL;
1401 int ret;
1402
1403 ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);
1404 if (!ctx)
1405 return -ENOMEM;
1406
1407 ctx->flags = TPARG_FL_KERNEL | TPARG_FL_FPROBE;
1408
1409 trace_probe_log_init("trace_fprobe", argc, argv);
1410 ret = trace_fprobe_create_internal(argc, argv, ctx);
1411 trace_probe_log_clear();
1412 return ret;
1413 }
1414
trace_fprobe_create(const char * raw_command)1415 static int trace_fprobe_create(const char *raw_command)
1416 {
1417 return trace_probe_create(raw_command, trace_fprobe_create_cb);
1418 }
1419
trace_fprobe_release(struct dyn_event * ev)1420 static int trace_fprobe_release(struct dyn_event *ev)
1421 {
1422 struct trace_fprobe *tf = to_trace_fprobe(ev);
1423 int ret = unregister_trace_fprobe(tf);
1424
1425 if (!ret)
1426 free_trace_fprobe(tf);
1427 return ret;
1428 }
1429
trace_fprobe_show(struct seq_file * m,struct dyn_event * ev)1430 static int trace_fprobe_show(struct seq_file *m, struct dyn_event *ev)
1431 {
1432 struct trace_fprobe *tf = to_trace_fprobe(ev);
1433 int i;
1434
1435 if (trace_fprobe_is_tracepoint(tf))
1436 seq_putc(m, 't');
1437 else
1438 seq_putc(m, 'f');
1439 seq_printf(m, ":%s/%s", trace_probe_group_name(&tf->tp),
1440 trace_probe_name(&tf->tp));
1441
1442 seq_printf(m, " %s%s", trace_fprobe_symbol(tf),
1443 trace_fprobe_is_return(tf) ? "%return" : "");
1444
1445 for (i = 0; i < tf->tp.nr_args; i++)
1446 seq_printf(m, " %s=%s", tf->tp.args[i].name, tf->tp.args[i].comm);
1447 seq_putc(m, '\n');
1448
1449 return 0;
1450 }
1451
1452 /*
1453 * Enable trace_probe
1454 * if the file is NULL, enable "perf" handler, or enable "trace" handler.
1455 */
enable_trace_fprobe(struct trace_event_call * call,struct trace_event_file * file)1456 static int enable_trace_fprobe(struct trace_event_call *call,
1457 struct trace_event_file *file)
1458 {
1459 struct trace_probe *tp;
1460 struct trace_fprobe *tf;
1461 bool enabled;
1462 int ret = 0;
1463
1464 tp = trace_probe_primary_from_call(call);
1465 if (WARN_ON_ONCE(!tp))
1466 return -ENODEV;
1467 enabled = trace_probe_is_enabled(tp);
1468
1469 /* This also changes "enabled" state */
1470 if (file) {
1471 ret = trace_probe_add_file(tp, file);
1472 if (ret)
1473 return ret;
1474 } else
1475 trace_probe_set_flag(tp, TP_FLAG_PROFILE);
1476
1477 if (!enabled) {
1478 list_for_each_entry(tf, trace_probe_probe_list(tp), tp.list) {
1479 ret = __register_trace_fprobe(tf);
1480 if (ret < 0)
1481 return ret;
1482 }
1483 }
1484
1485 return 0;
1486 }
1487
1488 /*
1489 * Disable trace_probe
1490 * if the file is NULL, disable "perf" handler, or disable "trace" handler.
1491 */
disable_trace_fprobe(struct trace_event_call * call,struct trace_event_file * file)1492 static int disable_trace_fprobe(struct trace_event_call *call,
1493 struct trace_event_file *file)
1494 {
1495 struct trace_fprobe *tf;
1496 struct trace_probe *tp;
1497
1498 tp = trace_probe_primary_from_call(call);
1499 if (WARN_ON_ONCE(!tp))
1500 return -ENODEV;
1501
1502 if (file) {
1503 if (!trace_probe_get_file_link(tp, file))
1504 return -ENOENT;
1505 if (!trace_probe_has_single_file(tp))
1506 goto out;
1507 trace_probe_clear_flag(tp, TP_FLAG_TRACE);
1508 } else
1509 trace_probe_clear_flag(tp, TP_FLAG_PROFILE);
1510
1511 if (!trace_probe_is_enabled(tp)) {
1512 list_for_each_entry(tf, trace_probe_probe_list(tp), tp.list) {
1513 unregister_fprobe(&tf->fp);
1514 }
1515 }
1516
1517 out:
1518 if (file)
1519 /*
1520 * Synchronization is done in below function. For perf event,
1521 * file == NULL and perf_trace_event_unreg() calls
1522 * tracepoint_synchronize_unregister() to ensure synchronize
1523 * event. We don't need to care about it.
1524 */
1525 trace_probe_remove_file(tp, file);
1526
1527 return 0;
1528 }
1529
1530 /*
1531 * called by perf_trace_init() or __ftrace_set_clr_event() under event_mutex.
1532 */
fprobe_register(struct trace_event_call * event,enum trace_reg type,void * data)1533 static int fprobe_register(struct trace_event_call *event,
1534 enum trace_reg type, void *data)
1535 {
1536 struct trace_event_file *file = data;
1537
1538 switch (type) {
1539 case TRACE_REG_REGISTER:
1540 return enable_trace_fprobe(event, file);
1541 case TRACE_REG_UNREGISTER:
1542 return disable_trace_fprobe(event, file);
1543
1544 #ifdef CONFIG_PERF_EVENTS
1545 case TRACE_REG_PERF_REGISTER:
1546 return enable_trace_fprobe(event, NULL);
1547 case TRACE_REG_PERF_UNREGISTER:
1548 return disable_trace_fprobe(event, NULL);
1549 case TRACE_REG_PERF_OPEN:
1550 case TRACE_REG_PERF_CLOSE:
1551 case TRACE_REG_PERF_ADD:
1552 case TRACE_REG_PERF_DEL:
1553 return 0;
1554 #endif
1555 }
1556 return 0;
1557 }
1558
1559 /*
1560 * Register dynevent at core_initcall. This allows kernel to setup fprobe
1561 * events in postcore_initcall without tracefs.
1562 */
init_fprobe_trace_early(void)1563 static __init int init_fprobe_trace_early(void)
1564 {
1565 int ret;
1566
1567 ret = dyn_event_register(&trace_fprobe_ops);
1568 if (ret)
1569 return ret;
1570
1571 #ifdef CONFIG_MODULES
1572 ret = register_tracepoint_module_notifier(&tracepoint_module_nb);
1573 if (ret)
1574 return ret;
1575 ret = register_module_notifier(&tprobe_event_module_nb);
1576 if (ret)
1577 return ret;
1578 #endif
1579
1580 return 0;
1581 }
1582 core_initcall(init_fprobe_trace_early);
1583